Cyber Attacks on Manufacturers
CNA Financial Corporation
Stephen Douglas, Risk Control Director
College of the Canyons, through its Center for Applied Competitive Technologies and Employee Training Institute, conducts technology briefings for college staff, faculty, and industry partners. Working with industry leaders, these presentations are designed to make information available on new and emerging technologies to enhance the productivity and global competitiveness of regional businesses. This presentation highlighted some of the emerging risks to manufacturers, as well as common threats to information security. Basic loss prevention and mitigation techniques, including the role of insurance protection were discussed.
Regardless of your size or industry, adequate controls are needed to minimize the risks to your sensitive data. There are five steps to take to strengthen industry’s cyber risk management strategy:
- Perform a risk assessment - A critical first step in enhancing data security is having a thorough inventory of the kind of information you have, how much of it you have and where you have it.
- Educate your team - Everyone is accountable in managing cyber risks. Implement a sound internal communication and training strategy on the protection and proper use of sensitive data, including how to recognize and report security threats.
- Know your vendors - When entrusting personal information to third parties, implement reasonable measures to ensure they have the capacity to protect this information.
- Address portable devices - Accidental loss and theft of laptops, smartphones and tablets are leading causes of compromised data. It is crucial to always encrypt these devices to render the protected information unreadable and unusable in the event of a breach.
- Make sure you're properly covered - Insurance is an important weapon in this war. According to the Ponemon Institute, www.ponemon.org, the average security breach costs organizations almost $200 for each record that's stolen, or about $5.5 million for the typical company breach.
The following presentation was well attended and there was much dialog in discussing ransomware case scenarios against manufacturing. An Advanced Manufacturing presentation will be offered in the SCCRC region soon, beginning at College of the Canyons and expanding to other locations in the region shortly after.